CCIE Security Written
The Security written exam (350-018) has 90-110 multiple-choice questions and is two hours in duration. The topic areas listed are general guidelines for the type of content that is likely to appear on the exam. Please note, however, that other relevant or related topic areas may also appear.
Topics include networking fundamentals and security related concepts and best practices, as well as key sections on Cisco Network Security products and solutions in areas such as VPNs, intrusion prevention, firewalls, identity services, policy management, and secure network best practices. Content includes both IPv4 and IPv6 based concepts and solutions.
The CCIE Security written exam is a two-hour, multiple choice test with 100 questions covering the areas of skills and competency needed by a Security Engineer to implement, deploy, configure, maintain, and troubleshoot Cisco Network Security solutions and designs. Topics include Cisco network security devices, appliances, protocols, firewalls, VPNs, intrusion prevention devices, policy management, and best practices for implementing a secure network.
- Infrastructure, Connectivity, Communications, Network Security
- Security Protocols
- Application and Infrastructure Security
- Threats, Vulnerability Analysis and Mitigation
- Cisco Security Products, Features and Management
- Cisco Security Technologies and Solutions
- Security Policies and Procedures, Best Practices, Standards
CCIE Security Lab
Candidates may be required to perform implementation, optimization and troubleshooting actions in each of the exam topics sections and should also be comfortable with both IPv4 and IPv6 concepts and application.
- System Hardening and Availability
- Threat Identification and Mitigation
- Intrusion Prevention and Content Security
- Identity Management
- Perimeter Security and Services
- Confidentiality and Secure Access